(originally posted on the mozilla.dev.security group, was suggested to post here as well)
Hi, I work on the SWT Browser, which embeds XULRunner. I've been stuck on a problem for a while now, and would really appreciate help with an issue which could be a simple one. As of XULRunner 1.9, when navigating to a site whose cert is considered invalid (eg.- https://verisign.com), embedders get an error alert ("...site has invalid cert...") with no opportunity to proceed. So I've implemented a dialog that allows the user to see what the cert problem is, say "go ahead anyways", and then add the cert to the nsICertOverrideService (this happens in an nsIBadCertListener2.NotifyCertProblem() implementation). With XULRunner 1.9.1 this all works perfectly fine. However it's critical for us that this work with XULRunner 1.9.x as well, and with this version the nsICertOverrideService.RememberValidityOverride() invocation always returns NS_ERROR_FAILURE. I've dug to see where this diverges for us vs. firefox 3.0.9, and it happens in devtoken.c's find_objects()'s invocation of C_FindObjects(). The args passed to this call are the same for us and firefox (session->handle is the default 16777217, numhandles=0, arraysize=1), but firefox gets a returned object count of 1 while we get 0. I'm guessing that our embedding case is missing something that would result in the default session having the object it's looking for, but I have no idea what it is. Can anyone suggest what it would be? And if additional info would be helpful then please let me know. Thanks in advance for your help! Grant -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
